7ce876d08fde168f80d24c8f3148b81ab442e96663dd0f0634549be484277310 | Triage

Sharing

General

Target

7ebef5ffa34e988d312a02ee857ed3c4
Size

338KB
Sample

240129-dt4vsaaahp
MD5

7ebef5ffa34e988d312a02ee857ed3c4
SHA1

52768f8851ceabcc88c30896c1e6c67815801a8e
SHA256

7ce876d08fde168f80d24c8f3148b81ab442e96663dd0f0634549be484277310
SHA512

a7259eae544bd522fa6a9bf5d1e913d7755fc71f3da7f57408cecfa2e345e0ce7546269947199b7d9bb6d32ff0e92ea65d87b0b609e5d683232180b9021bb1bc
SSDEEP

6144:tA5wVdCy6wrbDY0rDqTWC4zEDzKuTrSbxc97cU9ef8hyWpjIuzl:tjyy64VrDqTWIzW+9YXfuyqfR

Score

7^/10

bootkit persistence upx

Malware Config

Targets

- Target
  
  7ebef5ffa34e988d312a02ee857ed3c4
- Size
  
  338KB
- MD5
  
  7ebef5ffa34e988d312a02ee857ed3c4
- SHA1
  
  52768f8851ceabcc88c30896c1e6c67815801a8e
- SHA256
  
  7ce876d08fde168f80d24c8f3148b81ab442e96663dd0f0634549be484277310
- SHA512
  
  a7259eae544bd522fa6a9bf5d1e913d7755fc71f3da7f57408cecfa2e345e0ce7546269947199b7d9bb6d32ff0e92ea65d87b0b609e5d683232180b9021bb1bc
- SSDEEP
  
  6144:tA5wVdCy6wrbDY0rDqTWC4zEDzKuTrSbxc97cU9ef8hyWpjIuzl:tjyy64VrDqTWIzW+9YXfuyqfR
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx